summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry/platform/ptrace
diff options
context:
space:
mode:
authorgVisor bot <gvisor-bot@google.com>2021-07-12 20:38:33 +0000
committergVisor bot <gvisor-bot@google.com>2021-07-12 20:38:33 +0000
commitf28c339def09aea90fe60b3abb38215c5e5c8e52 (patch)
treeeac41ca885254d7a165bbc1438f2a785a6b48fb2 /pkg/sentry/platform/ptrace
parent798496a6e56be9a8ae7ed8b8055e424426233647 (diff)
parentebe99977a47d93ee769121f9463650cfb924e243 (diff)
Merge release-20210705.0-10-gebe99977a (automated)
Diffstat (limited to 'pkg/sentry/platform/ptrace')
-rw-r--r--pkg/sentry/platform/ptrace/subprocess_amd64.go1
-rw-r--r--pkg/sentry/platform/ptrace/subprocess_linux.go11
-rw-r--r--pkg/sentry/platform/ptrace/subprocess_linux_unsafe.go1
3 files changed, 13 insertions, 0 deletions
diff --git a/pkg/sentry/platform/ptrace/subprocess_amd64.go b/pkg/sentry/platform/ptrace/subprocess_amd64.go
index 90b1ead56..32a70f4d5 100644
--- a/pkg/sentry/platform/ptrace/subprocess_amd64.go
+++ b/pkg/sentry/platform/ptrace/subprocess_amd64.go
@@ -176,6 +176,7 @@ func patchSignalInfo(regs *arch.Registers, signalInfo *linux.SignalInfo) {
//
// This is safe to call in an afterFork context.
//
+//go:norace
//go:nosplit
func enableCpuidFault() {
unix.RawSyscall6(unix.SYS_ARCH_PRCTL, linux.ARCH_SET_CPUID, 0, 0, 0, 0, 0)
diff --git a/pkg/sentry/platform/ptrace/subprocess_linux.go b/pkg/sentry/platform/ptrace/subprocess_linux.go
index 06a3bd340..7e8a31802 100644
--- a/pkg/sentry/platform/ptrace/subprocess_linux.go
+++ b/pkg/sentry/platform/ptrace/subprocess_linux.go
@@ -120,6 +120,17 @@ func attachedThread(flags uintptr, defaultAction linux.BPFAction) (*thread, erro
return nil, err
}
+ return forkStub(flags, instrs)
+}
+
+// In the child, this function must not acquire any locks, because they might
+// have been locked at the time of the fork. This means no rescheduling, no
+// malloc calls, and no new stack segments. For the same reason compiler does
+// not race instrument it.
+//
+//
+//go:norace
+func forkStub(flags uintptr, instrs []linux.BPFInstruction) (*thread, error) {
// Declare all variables up front in order to ensure that there's no
// need for allocations between beforeFork & afterFork.
var (
diff --git a/pkg/sentry/platform/ptrace/subprocess_linux_unsafe.go b/pkg/sentry/platform/ptrace/subprocess_linux_unsafe.go
index 9c342c59b..0835e1d1c 100644
--- a/pkg/sentry/platform/ptrace/subprocess_linux_unsafe.go
+++ b/pkg/sentry/platform/ptrace/subprocess_linux_unsafe.go
@@ -26,6 +26,7 @@ import (
// unmaskAllSignals unmasks all signals on the current thread.
//
+//go:norace
//go:nosplit
func unmaskAllSignals() unix.Errno {
var set linux.SignalSet